Bug 9972 - Incorrect permissions on nrpe pid file
Summary: Incorrect permissions on nrpe pid file
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages
Version: 3
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA2TOO has_procedure mga3-32-ok mga3...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2013-05-03 20:18 CEST by claire robinson
Modified: 2013-08-17 10:25 CEST

See Also:
Source RPM: nrpe
CVE:
Status comment:



Description claire robinson 2013-05-03 20:18:55 CEST
Please refer to bug 9615

When stopping/restarting the nrpe service..

nrpe[18832]: Caught SIGTERM - shutting down...
nrpe[18832]: Cannot remove pidfile '/var/run/nrpe/nrpe.pid' - check your privileges.
nrpe[18832]: Daemon shutdown
nrpe[19974]: Stopping nrpe: [  OK  ]

# ll /var/run/nrpe/nrpe.pid
-rw-r--r-- 1 root root 6 May  3 18:16 /var/run/nrpe/nrpe.pid

nrpe runs as user/group nagios

It doesn't prevent the service stopping or restarting but does leave the pid file behind.

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2013-05-03 20:32:44 CEST
Possibly /var/run/nrpe should be owned by nagios:nagios, i.e. this in %files:
%attr(0755,nagios,nagios) %dir %{_var}/run/%{name}

This would also affect the Cauldron version, as it has a tmpfiles conf:
d /run/nrpe   755 root root

Speaking of which, Daniel and Guillaume have competing commits in Cauldron adding and removing the /run/nrpe directory in the SPEC.  Guillaume was correct to remove what Daniel added to the SPEC for that, but I see why Daniel thought it was needed.  /run/nrpe isn't created immediately upon package installations, because this is missing from %post:
%_tmpfilescreate %{name}

That should be added before the %_post_service %{name} line.

CC: (none) => luigiwalser
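
An added example, not part of the bug report or the nrpe package: comment 1 turns on the daemon running as nagios while the tmpfiles entry creates a root-owned directory. This shell function parses such a tmpfiles.d entry and reports whether a given account can create and unlink a pid file there; the function name `can_manage_pidfile` and the nagios-owned entry are constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the bug report or the nrpe package.
# Removing a pid file needs write+search permission on its directory; the
# file's own owner only matters when the directory has the sticky bit.

# can_manage_pidfile "<tmpfiles.d line>" <user> <group> [pidfile_owner]
# Prints "yes" or "no". Supplementary groups are ignored (assumption);
# pidfile_owner defaults to root, as in the listings on this page.
can_manage_pidfile() {
    svc_user=$2 svc_group=$3 pid_owner=${4:-root}
    read -r kind dir mode owner group _rest <<EOF
$1
EOF
    case $kind in d|D) ;; *) echo no; return 0 ;; esac
    # tmpfiles.d defaults: "-" or an omitted field means 0755 / root / root
    case ${mode:--} in -) mode=0755 ;; esac
    case ${owner:--} in -) owner=root ;; esac
    case ${group:--} in -) group=root ;; esac
    # accept only 3- or 4-digit octal modes; anything else is treated as "no"
    case $mode in
        [0-7][0-7][0-7]|[0-7][0-7][0-7][0-7]) ;;
        *) echo no; return 0 ;;
    esac
    special=${mode%???}            # optional leading digit (setuid/setgid/sticky)
    perm=${mode#"$special"}        # last three digits: owner, group, other
    u=${perm%??}; rest=${perm#?}; g=${rest%?}; o=${rest#?}

    if [ "$svc_user" = root ]; then echo yes; return 0; fi
    if   [ "$svc_user"  = "$owner" ]; then bits=$u
    elif [ "$svc_group" = "$group" ]; then bits=$g
    else bits=$o
    fi
    # creating and unlinking entries needs w (2) and x (1) on the directory
    if [ $(( bits & 3 )) -ne 3 ]; then echo no; return 0; fi
    # sticky directory: only the file's owner or the directory's owner may unlink
    if [ $(( ${special:-0} & 1 )) -eq 1 ] &&
       [ "$svc_user" != "$pid_owner" ] && [ "$svc_user" != "$owner" ]; then
        echo no; return 0
    fi
    echo yes
}

# First entry: the Cauldron tmpfiles line quoted in comment 1.
# Second entry: a nagios-owned variant constructed for this example.
for entry in "d /run/nrpe   755 root root" "d /run/nrpe 0755 nagios nagios"; do
    printf '%-32s nagios can manage pid file: %s\n' "$entry" \
        "$(can_manage_pidfile "$entry" nagios nagios)"
done
```
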

Comment 2 David Walser 2013-08-13 22:58:48 CEST
Fixed in Cauldron in nrpe-2.14-2.mga4.

Fixed in SVN for Mageia 2 and Mageia 3.  The next security update will fix this.

Version: 2 => 3
Whiteboard: (none) => MGA2TOO

Comment 3 David Walser 2013-08-14 00:54:07 CEST
Claire, if you wouldn't mind testing this on Mageia 3, since the /run/nrpe directory isn't created at all currently (because of the missing _tmpfilescreate), this might be a more serious issue there.  If so, we could go ahead and update this now.
Comment 4 claire robinson 2013-08-14 08:03:23 CEST
There is a clear problem this time, the service fails to start after a timeout saying it cannot create the pid file. It does actually start it but then kills it after the timeout.

$ ps aux | grep nrpe | grep -v grep
root      9269  0.0  0.0  20528  1092 pts/1    S+   06:56   0:00 /bin/systemctl start nrpe.service
nagios    9281  0.0  0.0  39536  1316 ?        Ss   06:56   0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d

# service nrpe start
Redirecting to /bin/systemctl start nrpe.service                                                                                             
Job for nrpe.service failed. See 'systemctl status nrpe.service' and 'journalctl -n' for details.                                            

# service nrpe status
Redirecting to /bin/systemctl status nrpe.service
nrpe.service - Nagios Remote Plugin Execution daemon
          Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled)
          Active: failed (Result: timeout) since Wed, 2013-08-14 06:58:17 BST; 24s ago
         Process: 9280 ExecStart=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d (code=exited, status=0/SUCCESS)
          CGroup: name=systemd:/system/nrpe.service

systemd[1]: Starting Nagios Remote Plugin Execution daemon...
nrpe[9281]: Starting up daemon
nrpe[9281]: Cannot write to pidfile '/run/nrpe/nrpe.pid' - check your privileges.
nrpe[9281]: Listening for connections on port 5666
nrpe[9281]: Allowing connections from: 127.0.0.1
systemd[1]: Failed to start Nagios Remote Plugin Execution daemon.
systemd[1]: Unit nrpe.service entered failed state

$ ps aux | grep nrpe | grep -v grep
$
Comment 5 claire robinson 2013-08-14 08:04:34 CEST
It's not creating the /run/nrpe directory
Comment 6 David Walser 2013-08-14 14:00:12 CEST
Thanks Claire, that's what I was expecting.  Let's fix this then.

Advisory:
----------------------------------------

Various issues with the directory that the NRPE service uses to store its PID
file have been corrected.

----------------------------------------
Updated packages in core/updates_testing:
----------------------------------------
nrpe-2.14-1.1.mga2
nagios-check_nrpe-2.14-1.1.mga2
nrpe-2.14-1.1.mga3
nagios-check_nrpe-2.14-1.1.mga3

from SRPMS:
nrpe-2.14-1.1.mga2.src.rpm
nrpe-2.14-1.1.mga3.src.rpm

CC: (none) => luis.daniel.lucio
Assignee: luis.daniel.lucio => qa-bugs

Comment 7 claire robinson 2013-08-14 16:37:52 CEST
Testing complete mga3 64

After update..

# service nrpe start
Redirecting to /bin/systemctl start nrpe.service

# service nrpe status
Redirecting to /bin/systemctl status nrpe.service
nrpe.service - Nagios Remote Plugin Execution daemon
          Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled)
          Active: active (running) since Wed, 2013-08-14 15:30:00 BST; 1min 59s ago
         Process: 12393 ExecStart=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d (code=exited, status=0/SUCCESS)
        Main PID: 12394 (nrpe)
          CGroup: name=systemd:/system/nrpe.service
                  └ 12394 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d

systemd[1]: Starting Nagios Remote Plugin Execution daemon...
nrpe[12394]: Starting up daemon
systemd[1]: Started Nagios Remote Plugin Execution daemon.
nrpe[12394]: Listening for connections on port 5666
nrpe[12394]: Allowing connections from: 127.0.0.1

# ll -d /run/nrpe
drwxr-xr-x 2 nagios nagios 60 Aug 14 15:30 /run/nrpe/

# ll /run/nrpe
total 4
-rw-r--r-- 1 root root 6 Aug 14 15:30 nrpe.pid

# netstat -pant | grep nrpe
tcp   0   0 0.0.0.0:5666   0.0.0.0:*  LISTEN  12394/nrpe 

# /usr/lib64/nagios/plugins/check_nrpe -H localhost
NRPE v2.14         


# service nrpe stop
Redirecting to /bin/systemctl stop nrpe.service

# service nrpe status
Redirecting to /bin/systemctl status nrpe.service
...
systemd[1]: Stopping Nagios Remote Plugin Execution daemon...
systemd[1]: Stopped Nagios Remote Plugin Execution daemon.

# /usr/lib64/nagios/plugins/check_nrpe -H localhost
Connection refused by host

# ll /run/nrpe
total 0

Whiteboard: MGA2TOO => MGA2TOO has_procedure mga3-64-ok

Comment 8 claire robinson 2013-08-14 19:50:09 CEST
Testing complete mga2 32

The pid files are stored in a different place on mga2, /var/run/

# service nrpe start
Starting nrpe (via systemctl):                                  [  OK  ]

# ll /var/run/nrpe/
total 4
-rw-r--r-- 1 root root 6 Aug 14 18:45 nrpe.pid

# ll -d /var/run/nrpe/
drwxr-xr-x 2 nagios nagios 4096 Aug 14 18:45 /var/run/nrpe//

# /usr/lib/nagios/plugins/check_nrpe -H localhost
NRPE v2.14

# service nrpe stop
Stopping nrpe (via systemctl):                                  [  OK  ]

# /usr/lib/nagios/plugins/check_nrpe -H localhost
Connection refused by host

# ll /var/run/nrpe/
total 0

Whiteboard: MGA2TOO has_procedure mga3-64-ok => MGA2TOO has_procedure mga3-64-ok mga2-32-ok

Comment 9 claire robinson 2013-08-15 08:42:31 CEST
Testing complete mga2 64

Whiteboard: MGA2TOO has_procedure mga3-64-ok mga2-32-ok => MGA2TOO has_procedure mga3-64-ok mga2-32-ok mga2-64-ok

Comment 10 claire robinson 2013-08-15 08:42:45 CEST
Advisory uploaded
Comment 11 claire robinson 2013-08-15 09:23:05 CEST
Testing complete mga3 32

Validating

Could sysadmin please push from 2 & 3 core updates testing to updates

Thanks!

Keywords: (none) => validated_update
Whiteboard: MGA2TOO has_procedure mga3-64-ok mga2-32-ok mga2-64-ok => MGA2TOO has_procedure mga3-32-ok mga3-64-ok mga2-32-ok mga2-64-ok
CC: (none) => sysadmin-bugs

Comment 13 David Walser 2013-08-16 12:48:01 CEST
(In reply to Oden Eriksson from comment #12)
> FYI:
> http://svn.mandriva.com/viewvc/packages/cooker/nrpe/current/SPECS/nrpe.spec?r1=535273&r2=544448

Yeah guillomovitch likes to do that, but for /var/run/nrpe, that looks wrong.  Not sure I see the purpose in pointing this commit out though...
Comment 14 Thomas Backlund 2013-08-17 10:25:57 CEST
Update pushed:
http://advisories.mageia.org/MGAA-2013-0085.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

